1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
27 controllerExtraConfig:
30 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
32 ControllerExtraConfig:
35 Controller specific hiera configuration data to inject into the cluster.
40 A network mapped list of IPs to assign to Controllers in the following form:
42 "internal_api": ["a.b.c.d", "e.f.g.h"],
46 ControlVirtualInterface:
48 description: Interface where virtual ip will be assigned.
52 description: Enable IPv6 in Corosync
56 description: Set to True to enable debugging on all services.
60 description: Whether to enable fencing in Pacemaker or not.
64 description: Whether to use Galera instead of regular MariaDB.
68 description: Whether to deploy a LoadBalancer on the Controller
72 description: Whether to deploy Ceph Storage (OSD) on the Controller
76 description: Whether to enable Swift Storage on the Controller
81 Additional hieradata to inject into the cluster, note that
82 ControllerExtraConfig takes precedence over ExtraConfig.
87 Pacemaker fencing configuration. The JSON should have
88 the following structure:
92 "agent": "AGENT_NAME",
93 "host_mac": "HOST_MAC_ADDRESS",
94 "params": {"PARAM_NAME": "PARAM_VALUE"}
102 "agent": "fence_xvm",
103 "host_mac": "52:54:00:aa:bb:cc",
105 "multicast_address": "225.0.0.12",
106 "port": "baremetal_0",
108 "manage_key_file": true,
109 "key_file": "/etc/fence_xvm.key",
110 "key_file_password": "abcdef"
117 description: Flavor for control nodes to request when deploying.
120 - custom_constraint: nova.flavor
123 description: The short name of the Gnocchi backend to use. Should be one
124 of swift, rbd, or file
127 - allowed_values: ['swift', 'file', 'rbd']
128 GnocchiIndexerBackend:
130 description: The short name of the Gnocchi indexer backend to use.
136 description: The password for the gnocchi service and db account.
139 HAProxyStatsPassword:
140 description: Password for HAProxy stats endpoint
143 description: User for HAProxy stats endpoint
146 HAProxySyslogAddress:
148 description: Syslog address where HAproxy will send its log
150 HeatAuthEncryptionKey:
151 description: Auth encryption key for heat-engine
156 description: A list of IP/Hostname allowed to connect to horizon
157 type: comma_delimited_list
159 description: Secret key for Django
164 default: overcloud-control
166 - custom_constraint: glance.image
168 default: 'REBUILD_PRESERVE_EPHEMERAL'
169 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
171 InstanceNameTemplate:
172 default: 'instance-%08x'
173 description: Template string to be used to generate instance names
177 description: Name of an existing Nova key pair to enable SSH access to the instances
180 - custom_constraint: nova.keypair
184 description: Keystone region for endpoint
187 description: Whether to manage IPtables rules.
191 description: Enable IPv6 features in Memcached.
195 description: Whether IPtables rules should be purged before setting up the new ones.
200 MysqlClusterUniquePart:
201 description: A unique identifier of the MySQL cluster the controller is in.
203 default: 'unset' # Has to be here because of the ignored empty value bug
204 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
206 # - length: {min: 4, max: 10}
207 MysqlInnodbBufferPoolSize:
209 Specifies the size of the buffer pool in megabytes. Setting to
210 zero should be interpreted as "no value" and will defer to the
215 description: Configures MySQL max_connections config setting
218 MysqlClustercheckPassword:
224 default: '' # Has to be here because of the ignored empty value bug
225 NeutronMetadataProxySharedSecret:
226 description: Shared secret to prevent spoofing
230 description: The password for the neutron service and db account, used by neutron agents.
233 NeutronPublicInterface:
235 description: What interface to bridge onto br-ex for network nodes.
239 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
240 be at least 50 bytes smaller than the MTU on the physical network. This
241 value will be used to set the MTU on the virtual Ethernet device.
242 This number is related to the value of NeutronDnsmasqOptions, since that
243 will determine the MTU that is assigned to the VM host through DHCP.
252 Whether to create cron job for purging soft deleted rows in Nova database.
256 description: Enable IPv6 features in Nova
259 description: The password for the nova service and db account, used by nova-api.
264 description: The password for the 'pcsd' user.
266 PublicVirtualInterface:
269 Specifies the interface where the public-facing virtual ip will be assigned.
270 This should be int_public when a VLAN is being used.
274 default: '' # Has to be here because of the ignored empty value bug
277 default: '' # Has to be here because of the ignored empty value bug
280 description: The password for RabbitMQ
285 description: The username for RabbitMQ
290 Rabbit client subscriber parameter to specify
291 an SSL connection to the RabbitMQ host.
295 description: Set rabbit subscriber port, change this if using SSL
298 description: The password for Redis
303 default: '' # Has to be here because of the ignored empty value bug
306 default: '' # Has to be here because of the ignored empty value bug
307 description: An IP address which is wrapped in brackets in case of IPv6
308 SnmpdReadonlyUserName:
309 default: ro_snmp_user
310 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
312 SnmpdReadonlyUserPassword:
313 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
317 description: A random string to be used as a salt when hashing to determine mappings
323 description: Value of mount_check in Swift account/container/object -server.conf
328 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
331 description: Partition Power to use when building Swift rings
335 description: Whether to manage Swift rings or not
343 description: How many replicas to use in the swift rings.
346 description: The timezone to be set on controller nodes.
348 UpgradeLevelNovaCompute:
350 description: Nova Compute upgrade level
352 VirtualIP: # DEPRECATED: use per service settings instead
354 default: '' # Has to be here because of the ignored empty value bug
367 EnablePackageInstall:
369 description: Set to true to enable package installation via Puppet
373 description: Mapping of service_name -> network name. Typically set
374 via parameter_defaults in the resource registry.
378 description: Mapping of service endpoint -> protocol. Typically set
379 via parameter_defaults in the resource registry.
385 Setting to a previously unused value during stack-update will trigger
386 package update on all nodes
389 default: '' # Defaults to Heat created hostname
393 description: Optional mapping to override hostnames
394 NetworkDeploymentActions:
395 type: comma_delimited_list
397 Heat action when to apply network configuration changes
402 SoftwareConfigTransport:
403 default: POLL_SERVER_CFN
405 How the server should receive the metadata required for software configuration.
408 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
413 The DNS domain used for the hosts. This should match the dhcp_domain
414 configured in the Undercloud neutron. Defaults to localdomain.
418 Extra properties or metadata passed to Nova for the created nodes in
419 the overcloud. It's accessible via the Nova metadata API.
423 description: Optional scheduler hints to pass to nova
425 ServiceConfigSettings:
431 description: Do not use deprecated params, they will be removed.
433 - controllerExtraConfig
438 type: OS::Nova::Server
440 image: {get_param: Image}
441 image_update_policy: {get_param: ImageUpdatePolicy}
442 flavor: {get_param: Flavor}
443 key_name: {get_param: KeyName}
446 user_data_format: SOFTWARE_CONFIG
447 user_data: {get_resource: UserData}
450 template: {get_param: Hostname}
451 params: {get_param: HostnameMap}
452 software_config_transport: {get_param: SoftwareConfigTransport}
453 metadata: {get_param: ServerMetadata}
454 scheduler_hints: {get_param: SchedulerHints}
456 # Combine the NodeAdminUserData and NodeUserData mime archives
458 type: OS::Heat::MultipartMime
461 - config: {get_resource: NodeAdminUserData}
463 - config: {get_resource: NodeUserData}
466 # Creates the "heat-admin" user if configured via the environment
467 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
469 type: OS::TripleO::NodeAdminUserData
471 # For optional operator additional userdata
472 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
474 type: OS::TripleO::NodeUserData
477 type: OS::TripleO::Controller::Ports::ExternalPort
479 IPPool: {get_param: ControllerIPs}
480 NodeIndex: {get_param: NodeIndex}
481 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
484 type: OS::TripleO::Controller::Ports::InternalApiPort
486 IPPool: {get_param: ControllerIPs}
487 NodeIndex: {get_param: NodeIndex}
488 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
491 type: OS::TripleO::Controller::Ports::StoragePort
493 IPPool: {get_param: ControllerIPs}
494 NodeIndex: {get_param: NodeIndex}
495 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
498 type: OS::TripleO::Controller::Ports::StorageMgmtPort
500 IPPool: {get_param: ControllerIPs}
501 NodeIndex: {get_param: NodeIndex}
502 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
505 type: OS::TripleO::Controller::Ports::TenantPort
507 IPPool: {get_param: ControllerIPs}
508 NodeIndex: {get_param: NodeIndex}
509 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
512 type: OS::TripleO::Controller::Ports::ManagementPort
514 IPPool: {get_param: ControllerIPs}
515 NodeIndex: {get_param: NodeIndex}
516 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
519 type: OS::TripleO::Network::Ports::NetIpMap
521 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
522 ExternalIp: {get_attr: [ExternalPort, ip_address]}
523 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
524 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
525 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
526 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
527 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
528 StorageIp: {get_attr: [StoragePort, ip_address]}
529 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
530 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
531 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
532 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
533 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
534 TenantIp: {get_attr: [TenantPort, ip_address]}
535 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
536 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
537 ManagementIp: {get_attr: [ManagementPort, ip_address]}
538 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
539 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
542 type: OS::TripleO::Controller::Net::SoftwareConfig
544 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
545 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
546 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
547 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
548 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
549 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
550 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
553 type: OS::TripleO::SoftwareDeployment
555 name: NetworkDeployment
556 config: {get_resource: NetworkConfig}
557 server: {get_resource: Controller}
558 actions: {get_param: NetworkDeploymentActions}
561 interface_name: {get_param: NeutronPublicInterface}
563 # Resource for site-specific injection of root certificate
565 depends_on: NetworkDeployment
566 type: OS::TripleO::NodeTLSCAData
568 server: {get_resource: Controller}
570 # Resource for site-specific passing of private keys/certificates
572 depends_on: NodeTLSCAData
573 type: OS::TripleO::NodeTLSData
575 server: {get_resource: Controller}
576 NodeIndex: {get_param: NodeIndex}
579 ControllerDeployment:
580 type: OS::TripleO::SoftwareDeployment
581 depends_on: NetworkDeployment
583 name: ControllerDeployment
584 config: {get_resource: ControllerConfig}
585 server: {get_resource: Controller}
587 bootstack_nodeid: {get_attr: [Controller, name]}
588 haproxy_log_address: {get_param: HAProxySyslogAddress}
589 haproxy_stats_password: {get_param: HAProxyStatsPassword}
590 haproxy_stats_user: {get_param: HAProxyStatsUser}
591 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
592 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
593 horizon_secret: {get_param: HorizonSecret}
594 admin_password: {get_param: AdminPassword}
595 debug: {get_param: Debug}
596 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
597 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
598 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
599 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
600 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
601 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
602 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
603 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
604 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
605 enable_fencing: {get_param: EnableFencing}
606 enable_galera: {get_param: EnableGalera}
607 enable_load_balancer: {get_param: EnableLoadBalancer}
608 enable_ceph_storage: {get_param: EnableCephStorage}
609 enable_swift_storage: {get_param: EnableSwiftStorage}
610 manage_firewall: {get_param: ManageFirewall}
611 purge_firewall_rules: {get_param: PurgeFirewallRules}
612 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
613 mysql_max_connections: {get_param: MysqlMaxConnections}
614 mysql_root_password: {get_param: MysqlRootPassword}
615 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
618 template: tripleo-CLUSTER
620 CLUSTER: {get_param: MysqlClusterUniquePart}
621 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
622 neutron_password: {get_param: NeutronPassword}
623 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
624 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
625 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
626 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
627 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
628 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
629 aodh_password: {get_param: AodhPassword}
630 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
631 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
632 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
633 gnocchi_password: {get_param: GnocchiPassword}
634 gnocchi_backend: {get_param: GnocchiBackend}
635 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
636 ceilometer_coordination_url:
640 - {get_param: RedisPassword}
642 - {get_param: RedisVirtualIPUri}
647 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
649 - {get_param: GnocchiPassword}
651 - {get_param: [EndpointMap, MysqlInternal, host]}
656 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
658 - {get_param: AodhPassword}
660 - {get_param: [EndpointMap, MysqlInternal, host]}
662 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
663 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
664 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
665 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
666 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
667 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
668 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
669 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
670 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
671 nova_ipv6: {get_param: NovaIPv6}
672 corosync_ipv6: {get_param: CorosyncIPv6}
673 memcached_ipv6: {get_param: MemcachedIPv6}
674 nova_password: {get_param: NovaPassword}
678 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
680 - {get_param: NovaPassword}
682 - {get_param: [EndpointMap, MysqlInternal, host]}
687 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
689 - {get_param: NovaPassword}
691 - {get_param: [EndpointMap, MysqlInternal, host]}
693 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
694 instance_name_template: {get_param: InstanceNameTemplate}
695 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
696 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
697 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
698 fencing_config: {get_param: FencingConfig}
699 pcsd_password: {get_param: PcsdPassword}
700 rabbit_username: {get_param: RabbitUserName}
701 rabbit_password: {get_param: RabbitPassword}
702 rabbit_cookie: {get_param: RabbitCookie}
703 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
704 rabbit_client_port: {get_param: RabbitClientPort}
705 timezone: {get_param: TimeZone}
706 control_virtual_interface: {get_param: ControlVirtualInterface}
707 public_virtual_interface: {get_param: PublicVirtualInterface}
708 swift_hash_suffix: {get_param: SwiftHashSuffix}
709 swift_part_power: {get_param: SwiftPartPower}
710 swift_ring_build: {get_param: SwiftRingBuild}
711 swift_replicas: {get_param: SwiftReplicas}
712 swift_min_part_hours: {get_param: SwiftMinPartHours}
713 swift_mount_check: {get_param: SwiftMountCheck}
714 enable_package_install: {get_param: EnablePackageInstall}
715 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
716 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
717 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
718 cinder_iscsi_network:
722 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
723 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
724 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
725 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
726 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
727 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
728 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
729 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
730 keystone_region: {get_param: KeystoneRegion}
731 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
732 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
733 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
734 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
735 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
736 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
737 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
738 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
739 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
742 template: "['SUBNET']"
744 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
745 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
746 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
747 redis_vip: {get_param: RedisVirtualIP}
748 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
749 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
750 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
751 mysql_virtual_ip: {get_param: MysqlVirtualIP}
752 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
753 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
754 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
756 # Map heat metadata into hiera datafiles
758 type: OS::Heat::StructuredConfig
760 group: os-apply-config
765 - heat_config_%{::deploy_config_name}
766 - controller_extraconfig
772 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
773 - ceph_cluster # provided by CephClusterConfig
775 - bootstrap_node # provided by BootstrapNodeConfig
776 - all_nodes # provided by allNodesConfig
777 - vip_data # provided by vip-config
781 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
782 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
783 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
784 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
785 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
786 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
787 - midonet_data #Optionally provided by AllNodesExtraConfig
788 merge_behavior: deeper
791 mapped_data: {get_param: ServiceConfigSettings}
792 controller_extraconfig:
795 - {get_param: controllerExtraConfig}
796 - {get_param: ControllerExtraConfig}
798 mapped_data: {get_param: ExtraConfig}
800 raw_data: {get_file: hieradata/common.yaml}
803 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
804 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
805 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
807 raw_data: {get_file: hieradata/ceph.yaml}
809 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
810 ceph::profile::params::public_network: {get_input: ceph_public_network}
811 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
813 raw_data: {get_file: hieradata/database.yaml}
815 raw_data: {get_file: hieradata/object.yaml}
817 raw_data: {get_file: hieradata/controller.yaml}
818 mapped_data: # data supplied directly to this deployment configuration, etc
819 bootstack_nodeid: {get_input: bootstack_nodeid}
822 enable_fencing: {get_input: enable_fencing}
823 enable_load_balancer: {get_input: enable_load_balancer}
824 hacluster_pwd: {get_input: pcsd_password}
825 corosync_ipv6: {get_input: corosync_ipv6}
826 tripleo::fencing::config: {get_input: fencing_config}
829 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
830 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
831 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
832 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
833 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
834 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
835 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
836 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
837 swift_mount_check: {get_input: swift_mount_check}
840 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
841 cinder::api::bind_host: {get_input: cinder_api_network}
842 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
843 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
844 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
845 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
846 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
847 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
848 cinder::keystone::auth::password: {get_input: cinder_password }
849 cinder::keystone::auth::region: {get_input: keystone_region}
852 glance::api::bind_host: {get_input: glance_api_network}
853 glance::registry::bind_host: {get_input: glance_registry_network}
854 glance::keystone::auth::region: {get_input: keystone_region}
857 heat::api::bind_host: {get_input: heat_api_network}
858 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
859 heat::api_cfn::bind_host: {get_input: heat_api_network}
860 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
863 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
864 keystone::public_bind_host: {get_input: keystone_public_api_network}
865 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
866 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
869 mongodb::server::bind_ip: {get_input: mongo_db_network}
872 admin_password: {get_input: admin_password}
873 enable_galera: {get_input: enable_galera}
874 enable_ceph_storage: {get_input: enable_ceph_storage}
875 enable_swift_storage: {get_input: enable_swift_storage}
876 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
877 mysql_max_connections: {get_input: mysql_max_connections}
878 mysql::server::root_password: {get_input: mysql_root_password}
879 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
880 mysql_cluster_name: {get_input: mysql_cluster_name}
881 mysql_bind_host: {get_input: mysql_network}
882 mysql_virtual_ip: {get_input: mysql_virtual_ip}
885 neutron::bind_host: {get_input: neutron_api_network}
886 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
887 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
888 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
889 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
890 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
891 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
892 neutron::keystone::auth::password: {get_input: neutron_password }
893 neutron::keystone::auth::region: {get_input: keystone_region}
896 ceilometer::api::host: {get_input: ceilometer_api_network}
897 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
898 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
901 aodh_mysql_conn_string: {get_input: aodh_dsn}
902 aodh::rabbit_userid: {get_input: rabbit_username}
903 aodh::rabbit_password: {get_input: rabbit_password}
904 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
905 aodh::rabbit_port: {get_input: rabbit_client_port}
906 aodh::debug: {get_input: debug}
907 aodh::wsgi::apache::ssl: false
908 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
909 aodh::api::service_name: 'httpd'
910 aodh::api::host: {get_input: aodh_api_network}
911 aodh::api::keystone_password: {get_input: aodh_password}
912 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
913 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
914 aodh::auth::auth_url: {get_input: keystone_auth_uri}
915 aodh::auth::auth_password: {get_input: aodh_password}
916 aodh::db::mysql::password: {get_input: aodh_password}
917 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
918 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
919 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
920 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
921 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
922 aodh::keystone::auth::password: {get_input: aodh_password }
923 aodh::keystone::auth::region: {get_input: keystone_region}
926 gnocchi_backend: {get_input: gnocchi_backend}
927 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
928 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
929 gnocchi::debug: {get_input: debug}
930 gnocchi::wsgi::apache::ssl: false
931 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
932 gnocchi::api::service_name: 'httpd'
933 gnocchi::api::host: {get_input: gnocchi_api_network}
934 gnocchi::api::keystone_password: {get_input: gnocchi_password}
935 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
936 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
937 gnocchi::db::mysql::password: {get_input: gnocchi_password}
938 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
939 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
940 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
941 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
942 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
943 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
944 gnocchi::keystone::auth::region: {get_input: keystone_region}
947 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
948 nova::use_ipv6: {get_input: nova_ipv6}
949 nova::api::auth_uri: {get_input: keystone_auth_uri}
950 nova::api::identity_uri: {get_input: keystone_identity_uri}
951 nova::api::api_bind_address: {get_input: nova_api_network}
952 nova::api::metadata_listen: {get_input: nova_metadata_network}
953 nova::api::admin_password: {get_input: nova_password}
954 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
955 nova::database_connection: {get_input: nova_dsn}
956 nova::api_database_connection: {get_input: nova_api_dsn}
957 nova::glance_api_servers: {get_input: glance_api_servers}
958 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
959 nova::api::instance_name_template: {get_input: instance_name_template}
960 nova::network::neutron::neutron_password: {get_input: neutron_password}
961 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
962 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
963 nova::vncproxy::host: {get_input: nova_api_network}
964 nova::db::mysql::password: {get_input: nova_password}
965 nova::db::mysql_api::password: {get_input: nova_password}
966 nova_enable_db_purge: {get_input: nova_enable_db_purge}
967 nova::keystone::auth::public_url: {get_input: nova_public_url}
968 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
969 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
970 nova::keystone::auth::password: {get_input: nova_password }
971 nova::keystone::auth::region: {get_input: keystone_region}
974 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
975 apache::ip: {get_input: horizon_network}
976 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
977 horizon::django_debug: {get_input: debug}
978 horizon::secret_key: {get_input: horizon_secret}
979 horizon::bind_address: {get_input: horizon_network}
980 horizon::keystone_url: {get_input: keystone_auth_uri}
983 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
984 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
986 redis::bind: {get_input: redis_network}
987 redis_vip: {get_input: redis_vip}
989 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
990 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
992 memcached_ipv6: {get_input: memcached_ipv6}
993 memcached::listen_ip: {get_input: memcached_network}
994 timezone::timezone: {get_input: timezone}
995 control_virtual_interface: {get_input: control_virtual_interface}
996 public_virtual_interface: {get_input: public_virtual_interface}
997 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
998 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
999 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1000 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1001 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1002 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1003 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1004 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1005 tripleo::haproxy::redis_password: {get_input: redis_password}
1006 tripleo::packages::enable_install: {get_input: enable_package_install}
1007 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1009 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1010 ControllerExtraConfigPre:
1011 depends_on: ControllerDeployment
1012 type: OS::TripleO::ControllerExtraConfigPre
1014 server: {get_resource: Controller}
1016 # Hook for site-specific additional pre-deployment config,
1017 # applying to all nodes, e.g node registration/unregistration
1019 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1020 type: OS::TripleO::NodeExtraConfig
1022 server: {get_resource: Controller}
1025 type: OS::TripleO::Tasks::PackageUpdate
1028 type: OS::Heat::SoftwareDeployment
1030 name: UpdateDeployment
1031 config: {get_resource: UpdateConfig}
1032 server: {get_resource: Controller}
1035 get_param: UpdateIdentifier
1039 description: IP address of the server in the ctlplane network
1040 value: {get_attr: [Controller, networks, ctlplane, 0]}
1041 external_ip_address:
1042 description: IP address of the server in the external network
1043 value: {get_attr: [ExternalPort, ip_address]}
1044 internal_api_ip_address:
1045 description: IP address of the server in the internal_api network
1046 value: {get_attr: [InternalApiPort, ip_address]}
1048 description: IP address of the server in the storage network
1049 value: {get_attr: [StoragePort, ip_address]}
1050 storage_mgmt_ip_address:
1051 description: IP address of the server in the storage_mgmt network
1052 value: {get_attr: [StorageMgmtPort, ip_address]}
1054 description: IP address of the server in the tenant network
1055 value: {get_attr: [TenantPort, ip_address]}
1056 management_ip_address:
1057 description: IP address of the server in the management network
1058 value: {get_attr: [ManagementPort, ip_address]}
1060 description: Hostname of the server
1061 value: {get_attr: [Controller, name]}
1064 Server's IP address and hostname in the /etc/hosts format
1068 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1069 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1070 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1071 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1072 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1073 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1074 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1076 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1077 DOMAIN: {get_param: CloudDomain}
1078 PRIMARYHOST: {get_attr: [Controller, name]}
1079 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1083 - - {get_attr: [Controller, name]}
1085 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1089 - - {get_attr: [Controller, name]}
1091 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1095 - - {get_attr: [Controller, name]}
1097 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1101 - - {get_attr: [Controller, name]}
1103 TENANTIP: {get_attr: [TenantPort, ip_address]}
1107 - - {get_attr: [Controller, name]}
1109 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1113 - - {get_attr: [Controller, name]}
1115 nova_server_resource:
1116 description: Heat resource handle for the Nova compute server
1118 {get_resource: Controller}
1120 description: Swift device formatted for swift-ring-builder
1123 template: 'r1z1-IP:%PORT%/d1'
1125 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1126 swift_proxy_memcache:
1127 description: Swift proxy-memcache value
1130 template: "IP:11211"
1132 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1134 description: identifier which changes if the controller configuration may need re-applying
1138 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1139 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1140 - {get_attr: [NodeTLSData, deploy_stdout]}
1141 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1142 - {get_param: UpdateIdentifier}
1143 tls_key_modulus_md5:
1144 description: MD5 checksum of the TLS Key Modulus
1145 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1146 tls_cert_modulus_md5:
1147 description: MD5 checksum of the TLS Certificate Modulus
1148 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob